RCMS Cheat Sheet 2026

The 30 highest-yield RCMS facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.

100 questions
150 min time limit
70.00% to pass
  1. Which document records risk identification and evaluation? Risk register.
  2. What is a whistleblower in corporate governance? Someone reporting misconduct.
  3. Which financial statement fraud scheme involves recording revenue that has not been earned? Fictitious revenue scheme
  4. Which of the following is the best example of a detective control in a fraud prevention framework? Surprise audits of petty cash funds
  5. Under the Dodd-Frank Act, which entities are required to file annual compliance reports with their applicable regulator? Swap dealers and major swap participants registered with the CFTC
  6. What role does a compliance officer play? Overseeing compliance activities.
  7. What is the primary legal protection afforded to internal whistleblowers under SOX Section 806? Protection from termination, demotion, or harassment for reporting suspected fraud
  8. Under the IRS whistleblower program, awards are available for information leading to the collection of unpaid taxes exceeding what threshold? $2 million in disputed amounts
  9. Which of the following best describes a key competency required for third-party compliance management in RCMS practice? Strong analytical skills combined with effective communication and ethical judgment
  10. Which document serves as the primary written record of an organization's compliance policies, procedures, and standards? Compliance manual
  11. What is residual risk? Risk that remains after controls.
  12. Under HIPAA, covered entities must maintain documentation of their privacy policies and procedures for how long? 6 years from creation or last effective date, whichever is later
  13. Which act mandates financial transparency and fraud prevention? Sarbanes-Oxley Act.
  14. In the context of RCMS certification, what is the most important consideration when implementing investigation & remediation procedures? Ensuring alignment with established standards, stakeholder needs, and best practices
  15. Which internal control specifically helps detect ghost employee fraud in payroll? Periodic reconciliation of payroll records to HR-approved employee lists
  16. A company's compliance program should include a financial fraud risk assessment that is performed at minimum: Periodically and when significant organizational changes occur
  17. What is the purpose of regulatory frameworks in compliance management? To ensure adherence to laws and standards.
  18. What is the consequence of poor compliance? Legal penalties.
  19. What does the 'fraud triangle' model identify as the three elements necessary for occupational fraud to occur? Pressure, opportunity, and rationalization
  20. What is the relationship between ethics and corporate governance? Ethics guides behavior; governance ensures compliance.
  21. When a compliance report submitted to a regulator contains material misstatements, what category of risk does this create? Legal, regulatory, and potentially criminal risk in addition to reputational risk
  22. What is the primary purpose of corporate governance? To ensure accountability and transparency.
  23. What is the primary purpose of a Suspicious Activity Report (SAR) filed with FinCEN? To alert law enforcement of potentially illegal financial activity
  24. Which is an example of an internal control? Reconciliation of accounts.
  25. Which internal control is most effective at preventing check tampering fraud? Segregation of duties between check preparation and authorization
  26. Which agency administers the whistleblower program under the Commodity Exchange Act (CEA)? Commodity Futures Trading Commission (CFTC)
  27. What is the first step in implementing a compliance program? Conducting a risk assessment.
  28. Which internal control helps prevent fraud? Segregation of duties.
  29. Which of the following best describes an 'open door' reporting policy in a compliance program? Employees may report concerns to any level of management without fear of reprisal
  30. A compliance officer is designing a whistleblower program. Which feature is most critical to encourage reporting? Anonymity and anti-retaliation protections
Turn these facts into recall: